[Pkg-openssl-changes] r921 - in openssl/branches/1.1.0/debian: . patches

Kurt Roeckx kroeckx at moszumanska.debian.org
Thu Nov 2 15:41:31 UTC 2017


Author: kroeckx
Date: 2017-11-02 15:41:31 +0000 (Thu, 02 Nov 2017)
New Revision: 921

Removed:
   openssl/branches/1.1.0/debian/patches/0001-Only-release-thread-local-key-if-we-created-it.patch
   openssl/branches/1.1.0/debian/patches/Fix-a-Proxy-race-condition.patch
Modified:
   openssl/branches/1.1.0/debian/changelog
   openssl/branches/1.1.0/debian/patches/no-symbolic.patch
Log:
Make patches apply


Modified: openssl/branches/1.1.0/debian/changelog
===================================================================
--- openssl/branches/1.1.0/debian/changelog	2017-11-02 15:38:32 UTC (rev 920)
+++ openssl/branches/1.1.0/debian/changelog	2017-11-02 15:41:31 UTC (rev 921)
@@ -3,8 +3,10 @@
   * New upstream version
     - Fixes CVE-2017-3735
     - Fixes CVE-2017-3736
+  * Remove patches applied upstream
   * Temporary enable TLS 1.0 and 1.1 again (#875423)
   * Attempt to fix testsuite race condition
+  * update no-symbolic.patch to apply
 
  -- Kurt Roeckx <kurt at roeckx.be>  Thu, 02 Nov 2017 15:22:48 +0100
 

Deleted: openssl/branches/1.1.0/debian/patches/0001-Only-release-thread-local-key-if-we-created-it.patch
===================================================================
--- openssl/branches/1.1.0/debian/patches/0001-Only-release-thread-local-key-if-we-created-it.patch	2017-11-02 15:38:32 UTC (rev 920)
+++ openssl/branches/1.1.0/debian/patches/0001-Only-release-thread-local-key-if-we-created-it.patch	2017-11-02 15:41:31 UTC (rev 921)
@@ -1,47 +0,0 @@
-From 73bc53708c386c1ea85941d345721e23dc61c05c Mon Sep 17 00:00:00 2001
-From: Rich Salz <rsalz at openssl.org>
-Date: Wed, 31 May 2017 12:14:55 -0400
-Subject: [PATCH] Only release thread-local key if we created it.
-
-Thanks to Jan Alexander Steffens for finding the bug and confirming the
-fix.
-
-Reviewed-by: Richard Levitte <levitte at openssl.org>
-(Merged from https://github.com/openssl/openssl/pull/3592)
----
- crypto/err/err.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/crypto/err/err.c b/crypto/err/err.c
-index f866f2fdd0..c55f849590 100644
---- a/crypto/err/err.c
-+++ b/crypto/err/err.c
-@@ -122,6 +122,7 @@ static ERR_STRING_DATA ERR_str_reasons[] = {
- #endif
- 
- static CRYPTO_ONCE err_init = CRYPTO_ONCE_STATIC_INIT;
-+static int set_err_thread_local;
- static CRYPTO_THREAD_LOCAL err_thread_local;
- 
- static CRYPTO_ONCE err_string_init = CRYPTO_ONCE_STATIC_INIT;
-@@ -260,7 +261,8 @@ DEFINE_RUN_ONCE_STATIC(do_err_strings_init)
- 
- void err_cleanup(void)
- {
--    CRYPTO_THREAD_cleanup_local(&err_thread_local);
-+    if (set_err_thread_local != 0)
-+        CRYPTO_THREAD_cleanup_local(&err_thread_local);
-     CRYPTO_THREAD_lock_free(err_string_lock);
-     err_string_lock = NULL;
- }
-@@ -639,6 +641,7 @@ void ERR_remove_state(unsigned long pid)
- 
- DEFINE_RUN_ONCE_STATIC(err_do_init)
- {
-+    set_err_thread_local = 1;
-     return CRYPTO_THREAD_init_local(&err_thread_local, NULL);
- }
- 
--- 
-2.11.0
-

Deleted: openssl/branches/1.1.0/debian/patches/Fix-a-Proxy-race-condition.patch
===================================================================
--- openssl/branches/1.1.0/debian/patches/Fix-a-Proxy-race-condition.patch	2017-11-02 15:38:32 UTC (rev 920)
+++ openssl/branches/1.1.0/debian/patches/Fix-a-Proxy-race-condition.patch	2017-11-02 15:41:31 UTC (rev 921)
@@ -1,81 +0,0 @@
-From 523ea2721581cf9eaa20036327b53b36ba2135ba Mon Sep 17 00:00:00 2001
-From: Matt Caswell <matt at openssl.org>
-Date: Fri, 26 May 2017 13:06:08 +0100
-Subject: [PATCH] Fix a Proxy race condition
-
-Issue #3562 describes a problem where a race condition can occur in the
-Proxy such that a test "ok" line can appear in the middle of other text
-causing the test harness to miss it. The issue is that we do not wait for
-the client process to finish after the test is complete, so that process may
-continue to write data to stdout/stderr at the same time that the test
-harness does.
-
-This commit fixes TLSProxy so that we always wait for the client process to
-finish before continuing.
-
-Fixes #3562
-
-Reviewed-by: Richard Levitte <levitte at openssl.org>
-(Merged from https://github.com/openssl/openssl/pull/3567)
-(cherry picked from commit b72668a0d3586ee2560f0536c43e18991a4cfc6f)
----
- util/TLSProxy/Proxy.pm | 15 +++++++++++++++
- 1 file changed, 15 insertions(+)
-
-diff --git a/util/TLSProxy/Proxy.pm b/util/TLSProxy/Proxy.pm
-index bdb2cd8b5c..141cf53982 100644
---- a/util/TLSProxy/Proxy.pm
-+++ b/util/TLSProxy/Proxy.pm
-@@ -42,6 +42,7 @@ sub new
-         clientflags => "",
-         serverconnects => 1,
-         serverpid => 0,
-+        clientpid => 0,
-         reneg => 0,
- 
-         #Public read
-@@ -104,6 +105,7 @@ sub clearClient
-     $self->{record_list} = [];
-     $self->{message_list} = [];
-     $self->{clientflags} = "";
-+    $self->{clientpid} = 0;
- 
-     TLSProxy::Message->clear();
-     TLSProxy::Record->clear();
-@@ -225,6 +227,7 @@ sub clientstart
-             }
-             exec($execcmd);
-         }
-+        $self->clientpid($pid);
-     }
- 
-     # Wait for incoming connection from client
-@@ -315,6 +318,10 @@ sub clientstart
-         waitpid( $self->serverpid, 0);
-         die "exit code $? from server process\n" if $? != 0;
-     }
-+    die "clientpid is zero\n" if $self->clientpid == 0;
-+    print "Waiting for client process to close: ".$self->clientpid."\n";
-+    waitpid($self->clientpid, 0);
-+
-     return 1;
- }
- 
-@@ -508,6 +515,14 @@ sub serverpid
-     }
-     return $self->{serverpid};
- }
-+sub clientpid
-+{
-+    my $self = shift;
-+    if (@_) {
-+        $self->{clientpid} = shift;
-+    }
-+    return $self->{clientpid};
-+}
- 
- sub fill_known_data
- {
--- 
-2.13.2
-

Modified: openssl/branches/1.1.0/debian/patches/no-symbolic.patch
===================================================================
--- openssl/branches/1.1.0/debian/patches/no-symbolic.patch	2017-11-02 15:38:32 UTC (rev 920)
+++ openssl/branches/1.1.0/debian/patches/no-symbolic.patch	2017-11-02 15:41:31 UTC (rev 921)
@@ -2,14 +2,16 @@
  Makefile.shared |    2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
---- a/Makefile.shared
-+++ b/Makefile.shared
-@@ -164,7 +164,7 @@ LINK_SO_SHLIB_UNPACKED=	\
+Index: openssl-1.1.0g/Makefile.shared
+===================================================================
+--- openssl-1.1.0g.orig/Makefile.shared
++++ openssl-1.1.0g/Makefile.shared
+@@ -154,7 +154,7 @@ LINK_SO_SHLIB_UNPACKED=	\
  DETECT_GNU_LD=($(CC) -Wl,-V /dev/null 2>&1 | grep '^GNU ld' )>/dev/null
  
  DO_GNU_SO_COMMON=\
--	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
-+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
+-	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$(SHLIBNAME_FULL)"
++	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-soname=$(SHLIBNAME_FULL)"
  DO_GNU_DSO=\
- 	SHLIB=$(LIBNAME).so; \
- 	SHLIB_SOVER=; \
+ 	$(DO_GNU_SO_COMMON)
+ DO_GNU_SO=\




More information about the Pkg-openssl-changes mailing list